<!DOCTYPE html>
<html lang="zh-cn">
<head>
    <title>Database Security</title>
    <meta charset="utf-8" />
    <link rel="stylesheet" type="text/css" href="../../css/note.css" />
</head>
<body>

<h3 class="nonu">Glossary</h3>

<table>
	<tr>
		<th>Abbreviation</th>
		<th>Full name</th>
		<th>Chinese</th>
		<th>Description</th>
	</tr>
	<tr>
		<td>TCSEC</td>
		<td>Trusted Computer System Evaluation Criteria</td>
		<td>可信计算机系统评估准则</td>
		<td>Issued by the U.S. Department of Defense in 1985; also known as DoD85 or the Orange Book</td>
	</tr>
	<tr>
		<td>DoD</td>
		<td>Department of Defense</td>
		<td>美国国防部</td>
	</tr>
	<tr>
		<td>CC</td>
		<td>Common Criteria</td>
		<td>通用准则</td>
	</tr>
	<tr>
		<td>TCSEC/TDI</td>
		<td>TCSEC/Trusted Database Interpretation</td>
		<td>可信计算机系统评估准则关于可信数据库系统的解释</td>
		<td>Also known as the Purple Book</td>
	</tr>
	<tr>
		<td>NCSC</td>
		<td>National Computer Security Center</td>
		<td>美国国家计算机安全中心</td>
	</tr>
	<tr>
		<td>DAC</td>
		<td>Discretionary Access Control</td>
		<td>自主存取控制</td>
	</tr>
	<tr>
		<td>MAC</td>
		<td>Mandatory Access Control</td>
		<td>强制存取控制</td>
	</tr>
	<tr>
		<td>TCB</td>
		<td>Trusted Computing Base</td>
	</tr>
	<tr>
		<td>EAL</td>
		<td>Evaluation Assurance Level</td>
		<td>(CC 标准的) 评估保证级</td>
	</tr>
	<tr>
		<td>PP</td>
		<td>Protection Profile</td>
		<td>(CC 标准的) 保护轮廓</td>
	</tr>
	<tr>
		<td>ST</td>
		<td>Security Target</td>
		<td>(CC 标准的) 安全目标</td>
	</tr>
</table>

<h2>Database Security Control</h2>

<h3>TCSEC/TDI Security Levels</h3>

<p>A1 is the highest level; D is the lowest.</p>

<table>
	<tr>
		<th>Security level</th>
		<th>Definition</th>
		<th>Chinese</th>
	</tr>
	<tr>
		<td>A1</td>
		<td>verified design</td>
		<td>验证设计</td>
	</tr>
	<tr>
		<td>B3</td>
		<td>security domains</td>
		<td>安全域</td>
	</tr>
	<tr>
		<td>B2</td>
		<td>structured protection</td>
		<td>结构化保护</td>
	</tr>
	<tr>
		<td>B1</td>
		<td>labeled security protection</td>
		<td>标记安全保护</td>
	</tr>
	<tr>
		<td>C2</td>
		<td>controlled access protection</td>
		<td>受控的存取保护</td>
	</tr>
	<tr>
		<td>C1</td>
		<td>discretionary security protection</td>
		<td>自主安全保护</td>
	</tr>
	<tr>
		<td>D</td>
		<td>minimal protection</td>
		<td>最小保护</td>
	</tr>
</table>

<h3>CC Evaluation Assurance Levels</h3>

<table>
	<tr>
		<th>Evaluation assurance level</th>
		<th>Definition</th>
		<th>Chinese</th>
		<th>Approximate TCSEC level</th>
	</tr>
	<tr>
		<td>EAL1</td>
		<td>functionally tested</td>
		<td>功能测试</td>
	</tr>
	<tr>
		<td>EAL2</td>
		<td>structurally tested</td>
		<td>结构测试</td>
		<td>C1</td>
	</tr>
	<tr>
		<td>EAL3</td>
		<td>methodically tested and checked</td>
		<td>系统地测试和检查</td>
		<td>C2</td>
	</tr>
	<tr>
		<td>EAL4</td>
		<td>methodically designed, tested and reviewed</td>
		<td>系统地设计、测试和复查</td>
		<td>B1</td>
	</tr>
	<tr>
		<td>EAL5</td>
		<td>semiformally designed and tested</td>
		<td>半形式化设计和测试</td>
		<td>B2</td>
	</tr>
	<tr>
		<td>EAL6</td>
		<td>semiformally verified design and tested</td>
		<td>半形式化验证的设计和测试</td>
		<td>B3</td>
	</tr>
	<tr>
		<td>EAL7</td>
		<td>formally verified design and tested</td>
		<td>形式化验证的设计和测试</td>
		<td>A1</td>
	</tr>
</table>

<h2>Database Security Control</h2>

<script src="../../js/note.js?type=cs"></script>
</body>
</html>
